]> git.r.bdr.sh - rbdr/tiny-command-pal/blame_incremental - README.md
Constraint max payload length to 3 bytes
[rbdr/tiny-command-pal] / README.md
... / ...
CommitLineData
1# tiny-command-pal (tcpal)
2
3A server that listens for a signed command and payload, and executes a local command based on it. It's intended to be used on very low bandwidth networks.
4
5## Configuration
6
7tcpal is configured using a TOML located in `XDG_CONFIG_HOME` called tcpal.toml
8
9A typical tcpal config looks like this
10
11```
12[publish_blog]
13command = 'echo {{payload}} > ~/posts/incoming.gmi && blog --add ~/posts/incoming.gmi'
14authorized_keys = [
15 ssh-ed25519 AAAA...ZZZ ruben
16]
17authorized_hosts = [
18 192.168.1.10,
19 192.168.0.0/24
20]
21```
22
23- `command` is the command to execute. {{payload}} will be replaced with the contents of the signed payload. Can't be longer than 255 bytes.
24- `authorized_keys` is an array of public ed25519 keys that are allowed to run this command.
25- `authorized_hosts` is an array of hosts that are authorized to run this command. 0.0.0.0 is not allowed.
26
27At least one entry is required in both of the authorized arrays, otherwise the command won't be executed.
28
29## The Process
30
31TBD
32
33## The Messages
34
35- Message IDs 00-79 are reserved for clients.
36- Message IDs 80-FF are reserved for servers.
37
38### The Authorization Check Message (0x00)
39
40This command is used to confirm whether the current host is authorized to send the given command. While not necessary, it is recommended that clients do this to avoid sending the payload without confirming the identity of the server, and whether the command is allowed.
41
42```
43## Header, 4 bytes
441. Magic Byte (0x7C), 1 byte
452. Authorization Check Message Flag (0x00), 1 byte
463. Length of command in bytes (0x00-0xFF), 1 byte
474. Start of Text Byte (0x02), 1 byte
48## The Command (Variable)
491. The command, Up to 255 bytes in length, must correspond to the value in header field 3
502. Unit Separator Byte (0x1F), 1 byte
513. The signature of the command, signed by a private ed25519 key, 64 bytes
524. End of Text Byte (0x03), 1 byte
53## Footer, 1 byte
541. End of Transmission Byte (0x04), 1 byte
55```
56
57```
58All numbers in hexadecimal.
59┌───────────────────┬──────────────────────────────────┬────┐
60│ HEADER │ BODY │FOOT│
61├────┬────┬────┬────┼────┬─────────┬────┬────┬────┬────┼────┤
62│ 00 │ 01 │ 02 │ 03 │ 04 ┊ A+CLEN │B+01│B+02┊B+41│B+42│B+43│
63├────┼────┼────┼────┼────┴─────────┼────┼────┴────┼────┼────┤
64│ 7C │ 00 │CLEN│ 02 │ COMMAND │ 1F │SIGNATURE│ 03 │ 04 │
65└────┴────┴────┴────┼──────────────┼────┴─────────┴────┴────┘
66 A B
67```
68
69### The Authorization Response Message (0x80)
70
71Sent as a response of the 0x00 message. It includes the authorization status of the client for the given command, as well as the signature of the command signed by the server.
72
73This signature should be used to confirm whether the client is talking to the right server. This is left up to the client and can be strict (eg. only accept responses from servers whose public key we have authorized before), flexible (eg. accept the first signature and ensure a server keeps the same signature), or it may choose to ignore this value completely.
74
75```
76## Header, 3 bytes
771. Magic Byte (0x7C), 1 byte
782. Authorization Response Message Flag (0x80), 1 byte
793. Start of Text Byte (0x02), 1 byte
80## The Command, 67 bytes
811. Authorization Response Code (0x00-0xFF), 1 byte
822. Record Separator Byte (0x1E), 1 byte
833. The signature of the command, signed by the server's private ed25519 key, 64 bytes
844. End of Text Byte (0x03), 1 byte
85## Footer, 1 byte
864. End of Transmission Byte (0x04), 1 byte
87```
88
89```
90All numbers in hexadecimal.
91┌──────────────┬────────────────────────┬────┐
92│ HEADER │ BODY │FOOT│
93├────┬────┬────┼────┬────┬────┬────┬────┼────┤
94│ 00 │ 01 │ 02 │ 03 ┊ 04 │ 05 ┊ 44 │ 45 ┊ 41 │
95├────┼────┼────┼────┼────┼────┴────┼────┼────┤
96│ 7C │ 80 │ 02 │AUTH│ 1E │SIGNATURE│ 03 │ 04 │
97└────┴────┴────┴────┴────┴─────────┴────┴────┘
98```
99
100The codes are as follows:
101
102- 00 Authorized
103- 40 Unrecognized Command
104- 41 Unauthorized Host
105- 42 Unauthorized Key
106- 50 Unknown Error
107
108### The Command Message (0x01)
109
110This is an actual command.
111
112```
113## Header, 7 bytes
1141. Magic Byte (0x7C), 1 byte
1152. Command Message Flag (0x01), 1 byte
1163. Length of command in bytes (0x00-0xFF), 1 byte
1174. Length of payload (0x000000-0xFFFFFF), 3 bytes
1185. Start of Text Byte (0x02), 1 byte
119## The Command (Variable)
1201. The command, Up to 255 bytes in length, must correspond to the value in header field 3
1212. Unit Separator Byte (0x1F), 1 byte
1223. The signature of the command, signed by a private ed25519 key, 64 bytes
1234. Record Separator Byte (0x1E), 1 byte
124## The Payload (Variable)
1251. The payload, up to 16,777,215 bytes in length, must correspond to the value in header field 4.
1262. Unit Separator Byte (0x1F)
1273. The signature of the payload, signed by the same private ed25519 key as the command, 64 bytes
1284. End of Text Byte (0x03), 1 byte
129## Footer, 1 byte
1302. End of Transmission Byte (0x04), 1 byte
131```
132
133```
134All numbers in hexadecimal.
135┌─────────────────────────────┬─────────────────────────────────────────────────────────────────────┬────┐
136│ HEADER │ BODY BODY │FOOT│
137├────┬────┬────┬────┬────┬────┼────┬─────────┬────┬────┬────┬────┬────┬─────────┬────┬────┬────┬────┼────┤
138│ 00 │ 01 │ 02 │ 03 ┊ 05 │ 06 │ 07 ┊ A+CLEN │B+01│B+02┊B+41│B+42│B+43┊B+42+PLEN│C+01│C+02┊C+41│C+42│C+43│
139├────┼────┼────┼────┴────┼────┼────┴─────────┼────┼────┴────┼────┼────┴─────────┼────┼────┴────┼────┼────┤
140│ 7C │ 01 │CLEN│ PLEN │ 02 │ COMMAND │ 1F │SIGNATURE│ 1E │ PAYLOAD │ 1F │SIGNATURE│ 03 │ 04 │
141└────┴────┴────┴─────────┴────┼──────────────┼────┴─────────┴────┴──────────────┼────┴─────────┴────┴────┘
142 A B C
143```
144
145### The Command Result Message (0x81)
146
147Sent as a response to an 0x01 command, it includes the authorization code, the exit status of the command, and the signature of the command sent.
148
149If authorization is anything other than 0x00, then exit status will always be 0x00.
150
151```
152## Header, 3 bytes
1531. Magic Byte (0x7C), 1 byte
1542. Command Result Message Flag (0x81), 1 byte
1553. Start of Text Byte (0x02), 1 byte
156## Body, 69 Bytes
1571. Authorization Response Code (0x00-0xFF), 1 byte
1582. Record Separator Byte (0x1E), 1 byte
1593. Command Exit Status Code (0x00-0xFF), 1 byte
1604. Record Separator Byte (0x1E), 1 byte
1615. The signature of the command, signed by the server's private ed25519 key, 64 bytes
1626. End of Text Byte (0x03), 1 byte
163## Footer, 1 byte
1641. End of Transmission Byte (0x04), 1 byte
165```
166
167```
168All numbers in hexadecimal.
169┌──────────────┬──────────────────────────────────┬────┐
170│ HEADER │ BODY │FOOT│
171├────┬────┬────┼────┬────┬────┬────┬────┬────┬────┼────┤
172│ 00 │ 01 │ 02 │ 03 ┊ 04 │ 05 ┊ 06 │ 07 ┊ 46 │ 47 ┊ 48 │
173├────┼────┼────┼────┼────┼────┼────┼────┴────┼────┼────┤
174│ 7C │ 81 │ 02 │AUTH│ 1E │CODE│ 1E │SIGNATURE│ 03 │ 04 │
175└────┴────┴────┴────┴────┴────┴────┴─────────┴────┴────┘
176```
177
178The authorization codes are the same as for the authorization response message.